Sent to the Merrill Lynch customers

Aug 28, 2007 18:51 GMT

A new phishing campaign is currently in progress that uses the name of the well-known security company Sophos to trick users into revealing their login details. The message encourages users to follow a link to a spoofed website and enter their details there, which would allow the attackers to steal the accounts. According to Mary Landesman from About.com, the email targets customers of the Merrill Lynch Business Center, informing them about a malware notification released by Sophos. The fake security advisory claims that the Troi/Agent-FWO Trojan was discovered in an animated cartoon and might harm users' computers unless they log in to a server with their private username and password.

"Thank you for choosing Merrill Lynch Business Center. An advisory from Sophos Labs informed yesterday that a malware writer has been infecting thousands of computers by hiding a new Trojan variant in a cartoon video, which has been spread around the world via e-mail. The malware, identified as Troi/Agent-FWO Trojan was hidden into "Yes & No" Shockwave video, a popular cartoon created by the Italian animator Bruno Bozzetto," the message reads according to the same source.

"Please use next link to enter the Merrill Lynch Business Center via protected online server. The system will automatically detect infection and you will get report to your web browser during next 60 seconds."

Obviously, you're advised to avoid clicking on links included in unknown messages arriving in your inbox and to refrain from entering your username and password on untrusted websites. John Hawes, Technical Consultant at Virus Bulletin, said this technique has been used by numerous hackers for a long time, but it seems that some users are still naive: "Relying on fear to bypass people's caution responses is almost as common as other lures like sex and greed. Sophos' corporate focus may give its name added weight to customers of Merrill Lynch, but the odd grammar used in the email should make it obvious to recipients that the message is a fake, and hopefully people are starting to learn that following links in emails and handing over important login data is a bad move."